Open rixongary opened 1 year ago
cindymullins-dw
commented
1 year ago @rixongary , at the moment Istio Multicluster is not supported. I can leave this issue open as a feature request and if you're interested in contributing please let us know.
rixongary
commented
1 year ago @cindymullins-dw thanks for confirming that for us. Much appreciated.
I am not in a position to be able to contribute I'm afraid.
May I suggest that an information box or something is added to the Istio integration page in the Emissary docs (https://www.getambassador.io/docs/emissary/latest/howtos/istio) stating that multi-cluster is not currently supported please? Saves you answering the same question again in future :)
Thanks again!
Hunrik
commented
1 year ago I was able to make the cross-cluster communication work by not adding the traffic.sidecar.istio.io/includeOutboundIPRanges: "" label and setting the host_rewrite to the same as the service value
Describe the bug We are running an Istio multi-cluster setup with 2 clusters. We are using Istio version 1.14.1 on all workloads, including emissary-ingress, which is injected with the istio-proxy sidecar via the
istio.io/rev: 1-14-1label on theemissarynamespace; i.e. standard practice. This is all running on 2 GKE clusters running kubernetes versionv1.21.14-gke.4300We installed emissary-ingresss following this documentation - https://www.getambassador.io/docs/emissary/latest/howtos/istio
If we
execinto an emissary-ingress pod, we can communicate with workloads on the same cluster as expected. When we try to communicate with a workload on the remote cluster, we receive504 Gateway Timeoutresponses. DNS resolution for remote services is working.Another non-emissary pod in the same namespace as the emissary-ingress pods, can communicate with the remote service without issue. This seems to point to emissary-ingress as being the problem is this case.
Expected behavior To be able to communicate with remote services.
Versions (please complete the following information):
3.3.1emissary-ingress-8.3.1